Hi there, I'm in charge of mixi platform supported OpenSocial in Japan. Our platform has already been elapsed one year. Therefore, a signed request has been supporting at this platform, and the key for signing will be expired next month.
When I generated the key, the modulus length of the key was 1024 bit. But, I heard recently that this length is short and dangerous. I think that we should use 2048 bit. However, if we use this length and sign each requests, I'm afraid that some libraries for OAuth can't use the key and can't validate the request... The bit length doesn't depend on the process of OAuth libs, right? And, if you are in any containers, how much long is the key length you are using? Thanks, -Yoichiro (mixi, Inc.)
